Prasad,
Here is one way that might work (I have not tried
this). Note: This method is not the most secure because it involves
storing a clear text copy of the users' passwords in another field on the User
form.
Create a character field on the User form to hold a
copy of a user's password.
In your workflow you use to allow users to change their
passwords Push the new password to both the Password field and the character
field.
Create a web application that, when
run:
- Grabs the NT user name
of the user logged into Windows
- Retrieves the clear text
password from your DBMS from the User_x SQL View. You could use the Remedy
API but if you use Windows Authentication (with SQL Server, for example) you
would be able to retrieve the user's password from a simple SELECT statement
without having to store the Demo password (for example) in the web application
or a config file.
- Redirect the user to the
Remedy form with the username and password in the URL. Since the user is
already logged into Windows seeing their Remedy password wouldn't matter.
Note: there might be a way to redirect the user to the Remedy URL without
displaying it in the browser address bar. Maybe someone else can offer a
solution to this part.
Variation: You could encrypt the clear
text password in the User form with an algorithm and password that only you
know. This would help ensure that no-one else would be able to figure
out what someone's password was if the happen to view the User form (ie. when
you step away from your computer).
Variation: Update the existing login.jsp web page to
retrieve the user's password directly. Then no redirection would be
needed.
HTH
Stephen
From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Nunna, Prasad
Sent: Wednesday, August 23, 2006 2:04 PM
To: [email protected]
Subject: Single Sign on
Hi
,
We would like to implement single sign on with remedy
midtier. When windows users click the login page( mid tier), I will detect
who(NT id) is connected on that PC. But I need to authenticate against
remedy server. IS there any way I can get the password and authenticate or is
there any procedure that I can skip the remedy authentication?
Please give me details if you know any info on
this topic. I appreciate your suggestions.
Thanks,
Prasad
__20060125_______________________This posting
was submitted with HTML in it___
__20060125_______________________This posting was submitted with HTML in it___
